package com.gzsxy.esjy.service.auth.shiro.config;


import com.gzsxy.esjy.service.auth.shiro.credentials.CredentialsMatcher;
import com.gzsxy.esjy.service.auth.shiro.realm.UserRealm;
import org.apache.shiro.cache.MemoryConstrainedCacheManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.mgt.eis.MemorySessionDAO;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.config.MethodInvokingFactoryBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;

import javax.servlet.Filter;
import java.util.LinkedHashMap;
import java.util.Map;

/**
 * @author xiaolong
 * @version 1.0
 * @description: TODO
 * @date 2022/2/7 15:23
 */
@Order(-1)
@Configuration
public class ShiroConfig {

    @Bean
    public MethodInvokingFactoryBean methodInvokingFactoryBean(SecurityManager securityManager){
        MethodInvokingFactoryBean factoryBean = new MethodInvokingFactoryBean();
        factoryBean.setStaticMethod("org.apache.shiro.SecurityUtils.setSecurityManager");
        factoryBean.setArguments(securityManager);
        return factoryBean;
    }

    @Bean
    public UserRealm myShiroRealm() {
        UserRealm customRealm = new UserRealm();
        //设置密码加密
        customRealm.setCredentialsMatcher(new CredentialsMatcher());
        return customRealm;
    }

    /**
     * 权限管理，配置主要是Realm的管理认证
     */
    @Bean
    public SecurityManager securityManager(DefaultWebSessionManager sessionManager, MemoryConstrainedCacheManager constrainedCacheManager, UserRealm userRealm) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(userRealm);
        securityManager.setSessionManager(sessionManager);
        securityManager.setCacheManager(constrainedCacheManager);
        return securityManager;
    }

    /**
     * Filter工厂，设置对应的过滤条件和跳转条件
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        factoryBean.setSecurityManager(securityManager);
        Map<String, String> map = new LinkedHashMap<>(8);
        //登出
        map.put("/logout", "logout");
        map.put("/auth/login", "anon");
        map.put("/doc.html", "anon");
        map.put("/webjars/**", "anon");
        map.put("/v3/api-docs", "anon");
        map.put("/swagger-resources", "anon");
        //对所有用户认证
//        map.put("/**", "user");
        map.put("/**", "anon");

        factoryBean.setFilterChainDefinitionMap(map);
        Map<String, Filter> filters = factoryBean.getFilters();
        filters.put("user", new UserFilter());

        return factoryBean;
    }

    /**
     * 权限管理，配置主要是Realm的管理认证
     */
    @Bean
    public DefaultWebSessionManager sessionManager(MemorySessionDAO sessionDAO,
                                                   SimpleCookie cookie, MemoryConstrainedCacheManager constrainedCacheManager) {
        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
        //过期时间
        sessionManager.setGlobalSessionTimeout(60 * 1000*60);
        sessionManager.setCacheManager(constrainedCacheManager);
        //删除过期session
        sessionManager.setDeleteInvalidSessions(true);

        //session保存ck
        sessionManager.setSessionIdCookieEnabled(true);
        //定期检查session
        sessionManager.setSessionValidationSchedulerEnabled(true);
        sessionManager.setSessionIdCookie(cookie);
        sessionManager.setSessionDAO(sessionDAO);

        //是否去掉jsession
        sessionManager.setSessionIdUrlRewritingEnabled(true);

        return sessionManager;
    }

    @Bean
    public MemorySessionDAO memorySessionDAO() {
        return new MemorySessionDAO();
    }

    @Bean
    public SimpleCookie simpleCookie() {
        SimpleCookie cookie = new SimpleCookie();
        cookie.setName("Shiro-session");
        return cookie;
    }

    @Bean
    public MemoryConstrainedCacheManager memoryConstrainedCacheManager() {
        return new MemoryConstrainedCacheManager();
    }

    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }

    @Bean
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }

    @Bean
    @ConditionalOnMissingBean
    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
        advisorAutoProxyCreator.setProxyTargetClass(true);
        return advisorAutoProxyCreator;
    }
}
